Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/acQq4amAfsHIbAiR7h0t62C03cs.roa
File: acQq4amAfsHIbAiR7h0t62C03cs.roa (raw, json)
Hash identifier: dbGJbuS5pFcpehFNoczigt0rMZq870aqUAOcnZXs6ZI=
Subject key identifier: 69:C4:2A:E1:A9:80:7E:C1:C8:6C:08:91:EE:1D:2D:EB:60:B4:DD:CB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019935D380237F51B0DA16E1A47E32B95B55
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/acQq4amAfsHIbAiR7h0t62C03cs.roa
Signing time: Wed 10 Sep 2025 22:51:17 +0000
ROA not before: Wed 10 Sep 2025 22:51:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202256
IP address blocks: 2a06:de02:400::/38 maxlen: 48
2a10:ccc1:400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:35:d3:80:23:7f:51:b0:da:16:e1:a4:7e:32:b9:5b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 10 22:51:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69c42ae1a9807ec1c86c0891ee1d2deb60b4ddcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ba:c0:7d:bd:98:d5:30:e1:5c:3c:a8:60:79:
ed:08:3c:17:bc:9e:d1:a4:87:f1:92:5f:a3:7d:be:
3e:6a:ba:da:b1:95:dd:1c:88:c8:10:9d:f8:27:98:
ef:ed:60:1a:6a:cc:f1:62:48:8e:79:6f:54:50:f6:
1d:f4:60:e7:e0:1e:67:73:c4:65:31:09:22:41:64:
22:bf:51:63:08:1b:f4:14:0e:45:56:d1:5b:61:a7:
85:1a:4d:3d:42:ec:ed:3e:da:27:05:f8:c8:1e:46:
11:0b:c5:b5:5d:35:cc:bf:4a:34:54:11:17:d4:23:
4b:62:64:ae:95:dd:e2:26:6c:de:3b:a1:35:94:d8:
ac:39:ac:ed:2f:fe:33:1e:d4:54:65:47:59:45:0a:
1b:d6:ee:97:84:ab:c2:ec:26:ae:d4:70:c7:52:df:
50:eb:07:1b:2f:82:a1:9c:41:f1:6c:9c:99:4c:98:
0c:76:e2:bc:7e:68:a7:95:05:fb:47:3e:62:95:46:
71:28:55:45:bc:ef:1f:f6:c0:fd:94:78:81:45:00:
46:1a:20:14:e3:79:ea:84:82:e5:5e:26:40:cf:da:
8d:b1:88:43:fb:42:67:d7:e7:b5:a0:ed:e8:f5:93:
0b:c7:d2:61:e3:3f:23:92:9d:64:34:0f:c5:4a:01:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C4:2A:E1:A9:80:7E:C1:C8:6C:08:91:EE:1D:2D:EB:60:B4:DD:CB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/acQq4amAfsHIbAiR7h0t62C03cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de02:400::/38
2a10:ccc1:400::/38
Signature Algorithm: sha256WithRSAEncryption
aa:83:24:48:6e:1a:ca:4d:c4:23:d4:b7:33:c6:fd:45:9e:2e:
7a:4c:fc:6e:89:3a:59:1c:84:93:aa:ff:49:7f:54:ef:65:a8:
c5:c8:66:7c:b2:f4:84:d0:98:bf:3a:19:63:20:47:5d:dc:65:
12:69:c0:a4:32:d9:41:65:e6:9b:b1:b5:61:ef:1f:a2:ce:3d:
3a:34:78:16:91:ef:08:e0:88:8b:6d:74:cc:70:38:49:47:6f:
0d:40:f5:91:a5:74:59:5b:99:b9:53:d9:b1:8a:b2:ab:d1:2f:
b2:24:46:54:d5:0b:34:56:7e:25:b9:b0:01:23:4a:4d:89:32:
83:e1:7b:ee:25:b8:29:44:8d:08:ef:17:a6:24:a9:39:a8:b5:
b7:eb:7b:1f:d4:fb:90:55:b2:a0:ea:e7:e2:87:67:e1:7b:a1:
f2:e1:60:38:85:a9:e8:44:f2:19:74:39:53:22:41:c8:72:4f:
1f:cf:79:f6:f4:8e:e4:cb:9d:5c:01:f9:e7:ad:81:8c:f8:c7:
33:04:8f:fc:ca:21:56:7d:4d:6f:8d:61:6a:1f:ca:91:c2:f8:
89:36:63:2b:f1:fc:2a:e9:3d:59:aa:e1:c6:42:96:9d:7a:ab:
e0:f9:c7:41:82:ee:b0:1b:ac:d0:5c:45:25:b6:bb:6d:47:97:
b9:a2:e5:27
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZk104Ajf1Gw2hbhpH4yuVtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwOTEwMjI1MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM0MmFlMWE5ODA3ZWMxYzg2YzA4OTFlZTFkMmRlYjYwYjRkZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbrAfb2Y1TDhXDyoYHntCDwXvJ7R
pIfxkl+jfb4+arrasZXdHIjIEJ34J5jv7WAaaszxYkiOeW9UUPYd9GDn4B5nc8Rl
MQkiQWQiv1FjCBv0FA5FVtFbYaeFGk09QuztPtonBfjIHkYRC8W1XTXMv0o0VBEX
1CNLYmSuld3iJmzeO6E1lNisOaztL/4zHtRUZUdZRQob1u6XhKvC7Cau1HDHUt9Q
6wcbL4KhnEHxbJyZTJgMduK8fminlQX7Rz5ilUZxKFVFvO8f9sD9lHiBRQBGGiAU
43nqhILlXiZAz9qNsYhD+0Jn1+e1oO3o9ZMLx9Jh4z8jkp1kNA/FSgFVHQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGnEKuGpgH7ByGwIke4dLetgtN3LMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYWNRcTRhbUFmc0hJYkFpUjdoMHQ2MkMwM2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYCKgbeAgQD
BgIqEMzBBDANBgkqhkiG9w0BAQsFAAOCAQEAqoMkSG4ayk3EI9S3M8b9RZ4uekz8
bok6WRyEk6r/SX9U72WoxchmfLL0hNCYvzoZYyBHXdxlEmnApDLZQWXmm7G1Ye8f
os49OjR4FpHvCOCIi210zHA4SUdvDUD1kaV0WVuZuVPZsYqyq9EvsiRGVNULNFZ+
JbmwASNKTYkyg+F77iW4KUSNCO8XpiSpOai1t+t7H9T7kFWyoOrn4odn4Xuh8uFg
OIWp6ETyGXQ5UyJByHJPH8959vSO5MudXAH5562BjPjHMwSP/MohVn1Nb41hah/K
kcL4iTZjK/H8Kuk9WarhxkKWnXqr4PnHQYLusBus0FxFJba7bUeXuaLlJw==
-----END CERTIFICATE-----
Generated at Wed Sep 17 21:29:13 2025 by rpki-client